<?php
/***************************************************************************/
/* SPD Nast�tten                                                           */
/* ===========                                                             */
/*                                                                         */
/* Copyright (c) 2006-2008 by Lukas Schreiner, Pascal Villmann             */
/* For more information visit: http://spd-nastaetten.de                    */
/*                                                                         */
/*                                                                         */
/* This program is free software. You can redistribute it and/or modify    */
/* it under the terms of the GNU General Public License as published by    */
/* the Free Software Foundation; either version 0.2 of the License.        */
/***************************************************************************/
//Konfigurations-Sicherheits-Key
$config_secure_key_client = "S?a58tM!}J3gb&Z6E9{pk*Q2H1=o_Pr4Td0-7W/qCx7n2+AYf5%8?iB%zL0";
//Konfigurationsdateien einf�gen
require_once('./system/settings.inc.php');
//Markierung und Unterlinks
$home_section = "admin.php";
$home_section2 = "admin_medit.php";
$section = "intern.php";
//Administratorbereich nur ausgeben, wenn Session authentifiziert ist
//�berpr�fen ob "typid" existiert, wenn nicht, auf 0 setzen
if(!isset($_SESSION['typid'])) $_SESSION['typid'] = '0';
if(isset($_SESSION['auth']) && $_SESSION['typid'] > 0 && $_SESSION['timeout']>time()){
if(isset($_SESSION['rights']) && substr_count($_SESSION['rights'], ',6,') > 0 && substr_count($_SESSION['rights'], ',1,') > 0){

//Parameter auslesen
if(isset($_GET['mid'])){
$memberID = $_GET['mid'];
}else{
$memberID = "0";
}
//Abfragen
$member_SQL = "SELECT * FROM " . $global_prefix . "member m INNER JOIN " . $global_prefix . "groups g ON m.member_group=g.group_id WHERE member_ID='$memberID'";
$member_rights_SQL = "SELECT user_rights FROM " . $global_prefix . "rights_user WHERE user_id='$memberID'";
$member_rights_result = mysql_query($member_rights_SQL);
$member_result = mysql_query($member_SQL);
$groups_SQL = "SELECT group_id, group_name FROM " . $global_prefix . "groups";
$groups_result = mysql_query($groups_SQL);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<?php
include('./layout/head_meta.inc.php');
?>
  <style>
<!--
                .text { font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 12px;}
                .bild-text {color:#C0C0FF; font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 10px;}
-->
  </style>
</head>
<body scroll="auto" leftmargin="10" topmargin="10" marginwidth="10" marginheight="10" bgcolor="#A70D01">
  <div align="center">
  <table border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td rowspan="3"><a href="admin_medit.php">
      <img name="top" src="images/spdde/portal/top/t1_1_1.gif" alt="" border="0" width="141" height="70" /></a></td>
      <td><img src="images/spdde/portal/top/t1_2_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_3.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_4_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_5.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_6_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_7.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_8_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_9.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_10_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_11.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_12_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3">
      <img border="0" src="images/spdde/portal/top/logo_neue_staerke.jpg" width="206" height="70"></td>
      <td><img src="images/spdde/portal/top/t1_14_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_15.jpg" alt="" width="10" height="70" /></td>
    </tr>
    <tr>
      <td><a target="_blank" href="http://www.spd.de/">
      <img border="0" src="images/spdde/portal/top/ch_quadrat_portal_aktiv.gif" width="49" height="49"></a></td>
      <td>
      <a target="_blank" href="http://www.spd.de/servlet/PB/menu/1009322/index.php">
      <img border="0" src="images/spdde/portal/top/ch_quadrat_presse_over.gif" width="49" height="49"></a></td>
      <td>
      <a target="_blank" href="http://www.spd.de/servlet/PB/menu/1009328/index.php">
      <img border="0" src="images/spdde/portal/top/ch_quadrat_netzwerk_over.gif" width="49" height="49"></a></td>
      <td><img src="images/spdde/portal/top/t1_8_2.gif" border="0" width="49" height="49" /></td>
      <td><img src="images/spdde/portal/top/t1_10_2.jpg" alt="" width="49" height="49" /></td>
      <td><img src="images/spdde/portal/top/t1_12_2.jpg" alt="" width="49" height="49" /></td>
      <td><a target="_blank" href="http://www.spd.de/">
      <img src="images/spdde/portal/top/t1_14_2.gif" border="0" alt="" width="49" height="49" /></a></td>
    </tr>
    <tr>
      <td><img src="images/spdde/portal/top/t1_2_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_4_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_6_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_8_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_10_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_12_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_14_3.jpg" alt="" width="49" height="8" /></td>
    </tr>
  </table>

  <table border="0" cellspacing="0" cellpadding="0" width="750">
    <tr>
      <td><a href="template.php">
      <img src="images/spdde/portal/top/t2.jpg" alt="" border="0" width="150" height="22" /></a></td>
      <td width="600" valign="middle" align="right">
      </td>
    </tr>
  </table>

  <table border="0" cellspacing="0" cellpadding="0" width="750">
    <tr>
      <td rowspan="2" width="150" valign="top">
        <table border="0" cellpadding="0" cellspacing="0">
          <tr><td><a target="_blank" href="http://www.spd.de/">
            <img src="images/spdde/portal/top/t3.jpg" alt="" border="0" width="150" height="58" /></a></td></tr>
          <tr><td><img src="images/spdde/common/trans.gif" width="1" height="16" alt="" border="0" /></td></tr>
        </table>
<!-- Beginn der Navigation-->        
<?php
include('./layout/navigation/left_navi.inc.php');
?>
<!-- Ende der Navigation-->

      </td>
      <td rowspan="2" valign="top"><img src="images/spdde/common/trans.gif" width="10" height="1" alt="" border="0" /></td>
      <td width="410" valign="top" bgcolor="#FDF8EF"> 
        <table border="0" cellpadding="0" cellspacing="0" bgcolor="#FCDAD0">
          <tr>
            <td rowspan="3"><img src="images/spdde/common/trans.gif" width="8" height="1" alt="" /></td>
            <td><img src="images/spdde/common/trans.gif" width="1" height="2" alt="" /></td>
            <td rowspan="3"><img src="images/spdde/common/trans.gif" width="2" height="1" alt="" /></td>
          </tr>
          <tr><td width="400" height="14" valign="middle" class="pathnolink">
            <a href="index.php">SPD-Nast&auml;tten.de</a> &gt;
            <a href="admin.php">Administration</a> &gt;
            <a href="admin_medit.php?mid=<?php echo $_GET['mid']; ?>">Benutzer bearbeiten</a></td></tr>
          <tr><td><img src="images/spdde/common/trans.gif" width="1" height="2" alt="" /></td></tr>
        </table>

<!-- Ueberschrift mit rotem Balken-->
        
        <table border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td><img src="images/spdde/common/trans.gif" width="16" height="12" alt="" /></td>
            <td></td>
            <td></td>
          </tr>
          <tr>
            <td></td>
            <td width="14" valign="bottom"><img src="images/spdde/portal/basics/quadrat_rechts.gif" width="10" height="6" alt="" /></td>
            <td width="364" valign="bottom"><b>Benutzer bearbeiten</b></td>
          </tr>
          <tr>
            <td></td>
            <td><img src="images/spdde/portal/basics/quadrat_rechts.gif" width="10" height="2" alt="" /></td>
            <td></td>
          </tr>
          <tr>
            <td></td>
            <td colspan="2" bgcolor="#A70D01"><img src="images/spdde/common/trans.gif" width="1" height="2" alt="" /></td>
          </tr>
        </table>

<!-- Ueberschrift mit rotem Balken Ende-->

<!-- Inhaltstabelle-->


        <table border="0" cellspacing="0" cellpadding="0" height="335">
          <tr>
            <td rowspan="2" height="335"><img src="images/spdde/common/trans.gif" width="16" height="2" alt="" /></td>
            <td width="378" height="316" class="news"><p>Herzlich Willkommen <?php echo $_SESSION['vorname'] . " " . $_SESSION['name']; ?> im Administrationsbereich.<br><br>
Sie haben hier jetzt die M&ouml;glichkeit, diesen User zu bearbeiten.<br />
        <b>Hinweis:</b> Sie m&uuml;ssen einem User die Berechtigungen f&uuml;r administrative Aktionen auch die Zugriffsberechtigung "Administration" geben. Das gleiche gilt f&uuml;r den Bereich "Intern".</p>
<p>
<?php
if($member = mysql_fetch_array($member_result)){
$member_rights = '%,';
while($member_rights_puffer = mysql_fetch_array($member_rights_result)){
$member_rights.= $member_rights_puffer['user_rights'] . ",";
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<table border="0" width="100%">
<tr>
<td><b>ID (#)</b></td>
<td><input type="text" size="5" name="member_ID" value="<?php echo $member['member_ID']; ?>" readonly="true"></td>
</tr>
<tr>
<td><b>Vorname / Name</b></td>
<td><input type="text" name="member_vorname" value="<?php echo $member['member_vorname']; ?>">&nbsp;<input type="text" name="member_name" value="<?php echo $member['member_name']; ?>"></td>
</tr>
<tr>
<td><b>Benutzername</b></td>
<td>... &auml;ndern: <input type="checkbox" name="change_user" value="1"> | <input type="text" name="member_user" value="<?php echo $member['member_user']; ?>"><br><small>(Bitte nur bei Not �ndern!)</small></td>
</tr>
<tr>
<td><b>Passwort</b></td>
<td>... &auml;ndern: <input type="checkbox" name="change_kennwort" value="1"> | <input type="password" name="member_kennwort" value=""><br><small>(Bitte nur bei Not �ndern!)</small></td>
</tr>
<tr>
<td><b>E-Mail</b></td>
<td><input type="text" name="member_email" value="<?php echo $member['member_email']; ?>"></td>
</tr>
<tr>
<td><b>Gruppe</b></td>
<td><select name="member_group">
<option value="<?php echo $member['group_id']; ?>" selected><?php echo $member['group_name']; ?></option>
<?php
while($groups = mysql_fetch_array($groups_result)){
echo "<option value=\"" . $groups['group_id'] . "\">" . $groups['group_name'] . "</option>";
}
?>
    </select></td>
</tr>
<tr>
<td><b>Status</b></td>
<td><select name="member_active">
<option value="1" <?php if($member['member_active'] == '1'){ echo 'selected'; } ?>>Aktiviert</option>
<option value="2" <?php if($member['member_active'] == '2'){ echo 'selected'; } ?>>Deaktiviert</option>
<option value="3" <?php if($member['member_active'] == '3'){ echo 'selected'; } ?>>Warteschlange</option>
    </select></td>
</tr>
<tr><td>Berechtigungen</td><td>
<table border="0" style="font-size : 11px;">
  <tbody>
<tr>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Administration</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Intern</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Protokolle hochladen</b></td>
</tr>
    <tr> <?php
//Aktivieren/Deaktivieren, je nach Berechtigungen
if(substr_count($_SESSION['rights'], ',7,') > 0){ $disabled = " "; }else{ $disabled="disabled "; }
 ?>
      <td bgcolor="#bbceff"><input name="privileges[]" value="1" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',1,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="2" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',2,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="3" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',3,') > 0){echo 'checked';} ?>></td>
    </tr>
<tr>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Protokolle downloaden</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Benutzer hinzuf&uuml;gen</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Benutzer bearbeiten</b></td>
</tr>
    <tr>
      <td bgcolor="#bbceff"><input name="privileges[]" value="4" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',4,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="5" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',5,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="6" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',6,') > 0){echo 'checked';} ?>></td>
    </tr>
    <tr>
<tr>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Berechtigungen setzen</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>News erstellen</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>News bearbeiten</b></td>
</tr>
      <td bgcolor="#bbceff"><input name="privileges[]" value="7" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',7,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="8" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',8,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="9" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',9,') > 0){echo 'checked';} ?>></td>
    </tr>
<tr>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>News l&ouml;schen</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Kalender bearbeiten</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Protokolle l&ouml;schen</b></td>
</tr>
    <tr>
      <td bgcolor="#bbceff"><input name="privileges[]" value="10" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',10,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="11" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',11,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="12" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',12,') > 0){echo 'checked';} ?>></td>
    </tr>
<tr>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>Vorstand festlegen</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>&nbsp;</b></td>
<td bgcolor="#DEF8C5" style="font-size : 11px;"><b>&nbsp;</b></td>
</tr>
    <tr>
      <td bgcolor="#bbceff"><input name="privileges[]" value="13" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',13,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="14" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',14,') > 0){echo 'checked';} ?>></td>
      <td bgcolor="#bbceff"><input name="privileges[]" value="15" type="checkbox" <?php echo $disabled; if(substr_count($member_rights, ',15,') > 0){echo 'checked';} ?>></td>
    </tr>
  </tbody>
</table></td>
</tr>
<tr>
<td><img src="./rechen-captcha.php"></td>
<td><input type="text" name="sicherheitscode" size="5"></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="hidden" name="action" value="edit_user"><input type="submit" name="Submit" value="Speichern"> -_- <input type="button" value="Abbrechen" onClick="javascript:window.location.replace('admin_member.php');"></td>
</tr>
</table>
</form>
<?php 
}else{
echo "<b>Zu dieser ID wurde keine Person gefunden!";
} 
?>
</p>
</td>
          </tr>
          <tr>
            <td width="378" height="19"> 
              &nbsp;</td>
          </tr>
        </table>
        
        
<!-- Inhaltstabelle Ende-->



      </td>
      <td rowspan="2"><img src="images/spdde/common/trans.gif" width="10" height="1" alt="" border="0" /></td>
      <td rowspan="2" width="170" valign="top" bgcolor="#FDF8EF">
        <table border="0" cellpadding="0" cellspacing="0" bgcolor="#FCDAD0">
          <tr><td><img src="images/spdde/common/trans.gif" width="170" height="18" alt="" /></td></tr>
        </table>

        <table border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td><img src="images/spdde/common/trans.gif" width="12" height="25" alt="" /></td>
            <td></td>
          </tr>
          <tr>
            <td></td>
            <td><img src="images/spdde/portal/basics/linie_2nd.gif" width="146" height="1" vspace="2" alt="" /></td>
          </tr>
          <tr>
            <td></td>
            <td width="146"><span class="navi4thnolink">Interaktiv</span></td>
          </tr>
        </table>


<!-- Eintrag Interaktiv Anfang -->        
        <?php
include('./layout/navigation/right_navi.inc.php');
?>
<!-- Eintrag Interaktiv Ende -->
<?php
include('./layout/right.inc.php');
?>
      </td>
    </tr>
    <tr>  <!-- hier beginnt der footer -->
      <td width="410" valign="bottom" bgcolor="#FDF8EF">
        <table border="0" cellspacing="0" cellpadding="0" bgcolor="#FDF8EF">
          <tr>
            <td rowspan="4"><img src="images/spdde/common/trans.gif" width="16" height="1" alt="" /></td>
            <td><img src="images/spdde/common/trans.gif" width="1" height="10" alt="" /></td>
          </tr>
          <tr>
            <td valign="top"><a href="#top">
            <img src="images/spdde/portal/basics/hoch.gif" border="0" alt="" width="8" height="8" /></a></td>
          </tr>
          <tr>
            <td bgcolor="#A70D01"><img src="images/spdde/common/trans.gif" width="378" height="2" alt="" /></td>
          </tr>
          <tr>
            <td height="16" valign="middle" align="right">&copy; <?php echo $global_copy . " - " . $global_years; ?> &nbsp;<a href="impressum.php">Impressum</a></td>
          </tr>
        </table>
      </td>
    </tr>
  </table>

  </div>
</body>
</html>
<?php
//Hier Ende des authentifizierten Bereiches
}else{
header('Location: admin_false.php');
exit;
}
}else{
header('Location: false.php');
exit;
}
?>